<html>
<head>
<script>

if (window.testRunner)
    testRunner.dumpAsText();

window.onload = function()
{
    document.getElementById("result").innerHTML = (document.getElementById("f").sandbox != "allow-scripts")
                                                ? "FAIL: sandbox attribute modified"
                                                : "PASS";
}

</script>
</head>

<body>
    <p>This is a &quot;sanity&quot; test case to verify that a sandboxed 
    frame cannot break out of its sandbox by modifying its own sandbox
    attribute. Two attempts are made:</p>
    
    <ol>
        <li>First, an attempt is made to modify the sandbox attribute of the
        &quot;self&quot; object, referring to the frame's window. This should
        not have any effect (the attribute is associated with the iframe DOM
        node, not the window). No warning is expected.</li>
        <li>Second, an attempt is made to modify the iframe DOM object's sandbox
        attribute. A warning message (about cross-site scripting) is expected,
        and the sandbox attribute should remain intact.</li>
    </ol>
    
    <p>This test will print &quot;PASS&quot; on success.</p>

    <p id="result">FAIL</p>

    <iframe id="f"
            sandbox="allow-scripts"
            src="resources/sandboxed-iframe-modify-self.html">
    </iframe>
</body>
</html>
